{"id":132,"date":"2015-11-13T23:33:33","date_gmt":"2015-11-13T22:33:33","guid":{"rendered":"http:\/\/ejvindh.net\/?p=132"},"modified":"2015-11-13T23:51:42","modified_gmt":"2015-11-13T22:51:42","slug":"rootchk","status":"publish","type":"post","link":"http:\/\/ejvindh.net\/en\/rootchk\/","title":{"rendered":"Rootchk"},"content":{"rendered":"<p>In 2007 I created a tool to detect certain known rootkits. The tool was created to solve the problem that a lot of helpers in the antimalware communities did not know how to detect these rootkits, and Rootchk could then help by checking for the most common infections.<\/p>\n<p>The tool is essentially built around <a href=\"\/en\/index.php\/chkdrv-exe\/\" target=\"_blank\">chkdrv.exe<\/a>, which is a tool to determine if certain rootkits are present &#8212; either as hidden or visible drivers. Rootchk is furthermore a batch-script that runs through a huge whitelist of rootkit-drivers.<\/p>\n<p>By the end of 2007 I stopped updating the tool. It is thus mainly of historical interest.\u00a0It can still be downloaded &#8212; but don&#8217;t trust the verdict too firmly: <a href=\"http:\/\/www.uploads.ejvindh.net\/Rootchk.exe\" target=\"_blank\">LINK<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In 2007 I created a tool to detect certain known rootkits. 
The tool was created to solve the problem that a lot of helpers in the antimalware communities did not know how<a class=\"moretag\" href=\"http:\/\/ejvindh.net\/en\/rootchk\/\">Read More&#8230;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14,8,5,4,18],"tags":[],"class_list":["post-132","post","type-post","status-publish","format-standard","hentry","category-batchbash","category-computerit","category-programmering","category-spyware","category-cplusplus"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"en","enabled_languages":["dk","en"],"languages":{"dk":{"title":true,"content":true,"excerpt":false},"en":{"title":true,"content":true,"excerpt":false}}},"_links":{"self":[{"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/posts\/132","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/comments?post=132"}],"version-history":[{"count":4,"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/posts\/132\/revisions"}],"predecessor-version":[{"id":140,"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/posts\/132\/revisions\/140"}],"wp:attachment":[{"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/media?parent=132"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/categories?post=132"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ejvindh.net\/en\/wp-json\/wp\/v2\/tags?post=132"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}